From d2db1de6ff15aad4c8898a416c6d8f2d93ff0282 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Mon, 4 Sep 2017 15:21:53 +0100 Subject: armv7m_nvic.h: Move from include/hw/arm to include/hw/intc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The armv7m_nvic.h header file was accidentally placed in include/hw/arm; move it to include/hw/intc to match where its corresponding .c file lives. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Edgar E. Iglesias Reviewed-by: Richard Henderson Message-id: 1501692241-23310-15-git-send-email-peter.maydell@linaro.org --- include/hw/arm/armv7m.h | 2 +- include/hw/arm/armv7m_nvic.h | 62 ------------------------------------------- include/hw/intc/armv7m_nvic.h | 62 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 63 insertions(+), 63 deletions(-) delete mode 100644 include/hw/arm/armv7m_nvic.h create mode 100644 include/hw/intc/armv7m_nvic.h (limited to 'include') diff --git a/include/hw/arm/armv7m.h b/include/hw/arm/armv7m.h index a9b3f2a..10eb058 100644 --- a/include/hw/arm/armv7m.h +++ b/include/hw/arm/armv7m.h @@ -11,7 +11,7 @@ #define HW_ARM_ARMV7M_H #include "hw/sysbus.h" -#include "hw/arm/armv7m_nvic.h" +#include "hw/intc/armv7m_nvic.h" #define TYPE_BITBAND "ARM,bitband-memory" #define BITBAND(obj) OBJECT_CHECK(BitBandState, (obj), TYPE_BITBAND) diff --git a/include/hw/arm/armv7m_nvic.h b/include/hw/arm/armv7m_nvic.h deleted file mode 100644 index 1d145fb..0000000 --- a/include/hw/arm/armv7m_nvic.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - * ARMv7M NVIC object - * - * Copyright (c) 2017 Linaro Ltd - * Written by Peter Maydell - * - * This code is licensed under the GPL version 2 or later. - */ - -#ifndef HW_ARM_ARMV7M_NVIC_H -#define HW_ARM_ARMV7M_NVIC_H - -#include "target/arm/cpu.h" -#include "hw/sysbus.h" -#include "hw/timer/armv7m_systick.h" - -#define TYPE_NVIC "armv7m_nvic" - -#define NVIC(obj) \ - OBJECT_CHECK(NVICState, (obj), TYPE_NVIC) - -/* Highest permitted number of exceptions (architectural limit) */ -#define NVIC_MAX_VECTORS 512 - -typedef struct VecInfo { - /* Exception priorities can range from -3 to 255; only the unmodifiable - * priority values for RESET, NMI and HardFault can be negative. - */ - int16_t prio; - uint8_t enabled; - uint8_t pending; - uint8_t active; - uint8_t level; /* exceptions <=15 never set level */ -} VecInfo; - -typedef struct NVICState { - /*< private >*/ - SysBusDevice parent_obj; - /*< public >*/ - - ARMCPU *cpu; - - VecInfo vectors[NVIC_MAX_VECTORS]; - uint32_t prigroup; - - /* vectpending and exception_prio are both cached state that can - * be recalculated from the vectors[] array and the prigroup field. - */ - unsigned int vectpending; /* highest prio pending enabled exception */ - int exception_prio; /* group prio of the highest prio active exception */ - - MemoryRegion sysregmem; - MemoryRegion container; - - uint32_t num_irq; - qemu_irq excpout; - qemu_irq sysresetreq; - - SysTickState systick; -} NVICState; - -#endif diff --git a/include/hw/intc/armv7m_nvic.h b/include/hw/intc/armv7m_nvic.h new file mode 100644 index 0000000..1d145fb --- /dev/null +++ b/include/hw/intc/armv7m_nvic.h @@ -0,0 +1,62 @@ +/* + * ARMv7M NVIC object + * + * Copyright (c) 2017 Linaro Ltd + * Written by Peter Maydell + * + * This code is licensed under the GPL version 2 or later. + */ + +#ifndef HW_ARM_ARMV7M_NVIC_H +#define HW_ARM_ARMV7M_NVIC_H + +#include "target/arm/cpu.h" +#include "hw/sysbus.h" +#include "hw/timer/armv7m_systick.h" + +#define TYPE_NVIC "armv7m_nvic" + +#define NVIC(obj) \ + OBJECT_CHECK(NVICState, (obj), TYPE_NVIC) + +/* Highest permitted number of exceptions (architectural limit) */ +#define NVIC_MAX_VECTORS 512 + +typedef struct VecInfo { + /* Exception priorities can range from -3 to 255; only the unmodifiable + * priority values for RESET, NMI and HardFault can be negative. + */ + int16_t prio; + uint8_t enabled; + uint8_t pending; + uint8_t active; + uint8_t level; /* exceptions <=15 never set level */ +} VecInfo; + +typedef struct NVICState { + /*< private >*/ + SysBusDevice parent_obj; + /*< public >*/ + + ARMCPU *cpu; + + VecInfo vectors[NVIC_MAX_VECTORS]; + uint32_t prigroup; + + /* vectpending and exception_prio are both cached state that can + * be recalculated from the vectors[] array and the prigroup field. + */ + unsigned int vectpending; /* highest prio pending enabled exception */ + int exception_prio; /* group prio of the highest prio active exception */ + + MemoryRegion sysregmem; + MemoryRegion container; + + uint32_t num_irq; + qemu_irq excpout; + qemu_irq sysresetreq; + + SysTickState systick; +} NVICState; + +#endif -- cgit v1.1 From bf1733392ca22f593cac77534f88ee6d6810837e Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Mon, 4 Sep 2017 15:21:53 +0100 Subject: loader: Handle ELF files with overlapping zero-initialized data For embedded systems, notably ARM, one common use of ELF file segments is that the 'physical addresses' represent load addresses and the 'virtual addresses' execution addresses, such that the load addresses are packed into ROM or flash, and the relocation and zero-initialization of data is done at runtime. This means that the 'memsz' in the segment header represents the runtime size of the segment, but the size that needs to be loaded is only the 'filesz'. In particular, paddr+memsz may overlap with the next segment to be loaded, as in this example: 0x70000001 off 0x00007f68 vaddr 0x00008150 paddr 0x00008150 align 2**2 filesz 0x00000008 memsz 0x00000008 flags r-- LOAD off 0x000000f4 vaddr 0x00000000 paddr 0x00000000 align 2**2 filesz 0x00000124 memsz 0x00000124 flags r-- LOAD off 0x00000218 vaddr 0x00000400 paddr 0x00000400 align 2**3 filesz 0x00007d58 memsz 0x00007d58 flags r-x LOAD off 0x00007f70 vaddr 0x20000140 paddr 0x00008158 align 2**3 filesz 0x00000a80 memsz 0x000022f8 flags rw- LOAD off 0x000089f0 vaddr 0x20002438 paddr 0x00008bd8 align 2**0 filesz 0x00000000 memsz 0x00004000 flags rw- LOAD off 0x000089f0 vaddr 0x20000000 paddr 0x20000000 align 2**0 filesz 0x00000000 memsz 0x00000140 flags rw- where the segment at paddr 0x8158 has a memsz of 0x2258 and would overlap with the segment at paddr 0x8bd8 if QEMU's loader tried to honour it. (At runtime the segments will not overlap since their vaddrs are more widely spaced than their paddrs.) Currently if you try to load an ELF file like this with QEMU then it will fail with an error "rom: requested regions overlap", because we create a ROM image for each segment using the memsz as the size. Support ELF files using this scheme, by truncating the zero-initialized part of the segment if it would overlap another segment. This will retain the existing loader behaviour for all ELF files we currently accept, and also accept ELF files which only need 'filesz' bytes to be loaded. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 1502116754-18867-2-git-send-email-peter.maydell@linaro.org --- include/hw/elf_ops.h | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) (limited to 'include') diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h index a172a60..2e526d3 100644 --- a/include/hw/elf_ops.h +++ b/include/hw/elf_ops.h @@ -362,6 +362,54 @@ static int glue(load_elf, SZ)(const char *name, int fd, goto fail; } } + + /* The ELF spec is somewhat vague about the purpose of the + * physical address field. One common use in the embedded world + * is that physical address field specifies the load address + * and the virtual address field specifies the execution address. + * Segments are packed into ROM or flash, and the relocation + * and zero-initialization of data is done at runtime. This + * means that the memsz header represents the runtime size of the + * segment, but the filesz represents the loadtime size. If + * we try to honour the memsz value for an ELF file like this + * we will end up with overlapping segments (which the + * loader.c code will later reject). + * We support ELF files using this scheme by by checking whether + * paddr + memsz for this segment would overlap with any other + * segment. If so, then we assume it's using this scheme and + * truncate the loaded segment to the filesz size. + * If the segment considered as being memsz size doesn't overlap + * then we use memsz for the segment length, to handle ELF files + * which assume that the loader will do the zero-initialization. + */ + if (mem_size > file_size) { + /* If this segment's zero-init portion overlaps another + * segment's data or zero-init portion, then truncate this one. + * Invalid ELF files where the segments overlap even when + * only file_size bytes are loaded will be rejected by + * the ROM overlap check in loader.c, so we don't try to + * explicitly detect those here. + */ + int j; + elf_word zero_start = ph->p_paddr + file_size; + elf_word zero_end = ph->p_paddr + mem_size; + + for (j = 0; j < ehdr.e_phnum; j++) { + struct elf_phdr *jph = &phdr[j]; + + if (i != j && jph->p_type == PT_LOAD) { + elf_word other_start = jph->p_paddr; + elf_word other_end = jph->p_paddr + jph->p_memsz; + + if (!(other_start >= zero_end || + zero_start >= other_end)) { + mem_size = file_size; + break; + } + } + } + } + /* address_offset is hack for kernel images that are linked at the wrong physical address. */ if (translate_fn) { -- cgit v1.1 From f33e5e6299288c945380e3ce3ea9d2406277c289 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Mon, 4 Sep 2017 15:21:53 +0100 Subject: loader: Ignore zero-sized ELF segments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some ELF files have program headers that specify segments that are of zero size. Ignore them, rather than trying to create zero-length ROM blobs for them, because the zero-length blob can falsely trigger the overlapping-ROM-blobs check. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Tested-by: Hua Yanghao Message-id: 1502116754-18867-3-git-send-email-peter.maydell@linaro.org --- include/hw/elf_ops.h | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h index 2e526d3..d192e7e 100644 --- a/include/hw/elf_ops.h +++ b/include/hw/elf_ops.h @@ -451,14 +451,24 @@ static int glue(load_elf, SZ)(const char *name, int fd, *pentry = ehdr.e_entry - ph->p_vaddr + ph->p_paddr; } - if (load_rom) { - snprintf(label, sizeof(label), "phdr #%d: %s", i, name); - - /* rom_add_elf_program() seize the ownership of 'data' */ - rom_add_elf_program(label, data, file_size, mem_size, addr, as); - } else { - cpu_physical_memory_write(addr, data, file_size); + if (mem_size == 0) { + /* Some ELF files really do have segments of zero size; + * just ignore them rather than trying to create empty + * ROM blobs, because the zero-length blob can falsely + * trigger the overlapping-ROM-blobs check. + */ g_free(data); + } else { + if (load_rom) { + snprintf(label, sizeof(label), "phdr #%d: %s", i, name); + + /* rom_add_elf_program() seize the ownership of 'data' */ + rom_add_elf_program(label, data, file_size, mem_size, + addr, as); + } else { + cpu_physical_memory_write(addr, data, file_size); + g_free(data); + } } total_size += mem_size; -- cgit v1.1 From f55d613bc97cd8d08487eddec313c3298a906a91 Mon Sep 17 00:00:00 2001 From: Andrew Jeffery Date: Mon, 4 Sep 2017 15:21:54 +0100 Subject: watchdog: wdt_aspeed: Add support for the reset width register MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The reset width register controls how the pulse on the SoC's WDTRST{1,2} pins behaves. A pulse is emitted if the external reset bit is set in WDT_CTRL. On the AST2500 WDT_RESET_WIDTH can consume magic bit patterns to configure push-pull/open-drain and active-high/active-low behaviours and thus needs some special handling in the write path. As some of the capabilities depend on the SoC version a silicon-rev property is introduced, which is used to guard version-specific behaviour. Signed-off-by: Andrew Jeffery Reviewed-by: Cédric Le Goater Signed-off-by: Peter Maydell --- include/hw/watchdog/wdt_aspeed.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include') diff --git a/include/hw/watchdog/wdt_aspeed.h b/include/hw/watchdog/wdt_aspeed.h index 080c223..7de3e5c 100644 --- a/include/hw/watchdog/wdt_aspeed.h +++ b/include/hw/watchdog/wdt_aspeed.h @@ -27,6 +27,8 @@ typedef struct AspeedWDTState { uint32_t regs[ASPEED_WDT_REGS_MAX]; uint32_t pclk_freq; + uint32_t silicon_rev; + uint32_t ext_pulse_width_mask; } AspeedWDTState; #endif /* ASPEED_WDT_H */ -- cgit v1.1 From 3114d092b1740f9db9aa559aeb48ee387011e1da Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Mon, 4 Sep 2017 15:21:54 +0100 Subject: memory.h: Move MemTxResult type to memattrs.h Move the MemTxResult type to memattrs.h. We're going to want to use it in cpu/qom.h, which doesn't want to include all of memory.h. In practice MemTxResult and MemTxAttrs are pretty closely linked since both are used for the new-style read_with_attrs and write_with_attrs callbacks, so memattrs.h is a reasonable home for this rather than creating a whole new header file for it. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Reviewed-by: Edgar E. Iglesias Reviewed-by: Alistair Francis --- include/exec/memattrs.h | 10 ++++++++++ include/exec/memory.h | 10 ---------- 2 files changed, 10 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h index e601061..d4a1642 100644 --- a/include/exec/memattrs.h +++ b/include/exec/memattrs.h @@ -46,4 +46,14 @@ typedef struct MemTxAttrs { */ #define MEMTXATTRS_UNSPECIFIED ((MemTxAttrs) { .unspecified = 1 }) +/* New-style MMIO accessors can indicate that the transaction failed. + * A zero (MEMTX_OK) response means success; anything else is a failure + * of some kind. The memory subsystem will bitwise-OR together results + * if it is synthesizing an operation from multiple smaller accesses. + */ +#define MEMTX_OK 0 +#define MEMTX_ERROR (1U << 0) /* device returned an error */ +#define MEMTX_DECODE_ERROR (1U << 1) /* nothing at that address */ +typedef uint32_t MemTxResult; + #endif diff --git a/include/exec/memory.h b/include/exec/memory.h index 400dd44..1dcd312 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -112,16 +112,6 @@ static inline void iommu_notifier_init(IOMMUNotifier *n, IOMMUNotify fn, n->end = end; } -/* New-style MMIO accessors can indicate that the transaction failed. - * A zero (MEMTX_OK) response means success; anything else is a failure - * of some kind. The memory subsystem will bitwise-OR together results - * if it is synthesizing an operation from multiple smaller accesses. - */ -#define MEMTX_OK 0 -#define MEMTX_ERROR (1U << 0) /* device returned an error */ -#define MEMTX_DECODE_ERROR (1U << 1) /* nothing at that address */ -typedef uint32_t MemTxResult; - /* * Memory region callbacks */ -- cgit v1.1 From 0dff0939f6fc6a7abd966d4295f06a06d7a01df9 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Mon, 4 Sep 2017 15:21:54 +0100 Subject: cpu: Define new cpu_transaction_failed() hook Currently we have a rather half-baked setup for allowing CPUs to generate exceptions on accesses to invalid memory: the CPU has a cpu_unassigned_access() hook which the memory system calls in unassigned_mem_write() and unassigned_mem_read() if the current_cpu pointer is non-NULL. This was originally designed before we implemented the MemTxResult type that allows memory operations to report a success or failure code, which is why the hook is called right at the bottom of the memory system. The major problem with this is that it means that the hook can be called even when the access was not actually done by the CPU: for instance if the CPU writes to a DMA engine register which causes the DMA engine to begin a transaction which has been set up by the guest to operate on invalid memory then this will casue the CPU to take an exception incorrectly. Another minor problem is that currently if a device returns a transaction error then this won't turn into a CPU exception at all. The right way to do this is to have allow the CPU to respond to memory system transaction failures at the point where the CPU specific code calls into the memory system. Define a new QOM CPU method and utility function cpu_transaction_failed() which is called in these cases. The functionality here overlaps with the existing cpu_unassigned_access() because individual target CPUs will need some work to convert them to the new system. When this transition is complete we can remove the old cpu_unassigned_access() code. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Reviewed-by: Edgar E. Iglesias --- include/qom/cpu.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'include') diff --git a/include/qom/cpu.h b/include/qom/cpu.h index b7ac949..08bd868 100644 --- a/include/qom/cpu.h +++ b/include/qom/cpu.h @@ -85,8 +85,11 @@ struct TranslationBlock; * @has_work: Callback for checking if there is work to do. * @do_interrupt: Callback for interrupt handling. * @do_unassigned_access: Callback for unassigned access handling. + * (this is deprecated: new targets should use do_transaction_failed instead) * @do_unaligned_access: Callback for unaligned access handling, if * the target defines #ALIGNED_ONLY. + * @do_transaction_failed: Callback for handling failed memory transactions + * (ie bus faults or external aborts; not MMU faults) * @virtio_is_big_endian: Callback to return %true if a CPU which supports * runtime configurable endianness is currently big-endian. Non-configurable * CPUs can use the default implementation of this method. This method should @@ -153,6 +156,10 @@ typedef struct CPUClass { void (*do_unaligned_access)(CPUState *cpu, vaddr addr, MMUAccessType access_type, int mmu_idx, uintptr_t retaddr); + void (*do_transaction_failed)(CPUState *cpu, hwaddr physaddr, vaddr addr, + unsigned size, MMUAccessType access_type, + int mmu_idx, MemTxAttrs attrs, + MemTxResult response, uintptr_t retaddr); bool (*virtio_is_big_endian)(CPUState *cpu); int (*memory_rw_debug)(CPUState *cpu, vaddr addr, uint8_t *buf, int len, bool is_write); @@ -847,6 +854,21 @@ static inline void cpu_unaligned_access(CPUState *cpu, vaddr addr, cc->do_unaligned_access(cpu, addr, access_type, mmu_idx, retaddr); } + +static inline void cpu_transaction_failed(CPUState *cpu, hwaddr physaddr, + vaddr addr, unsigned size, + MMUAccessType access_type, + int mmu_idx, MemTxAttrs attrs, + MemTxResult response, + uintptr_t retaddr) +{ + CPUClass *cc = CPU_GET_CLASS(cpu); + + if (cc->do_transaction_failed) { + cc->do_transaction_failed(cpu, physaddr, addr, size, access_type, + mmu_idx, attrs, response, retaddr); + } +} #endif #endif /* NEED_CPU_H */ -- cgit v1.1